1. Field of the Invention
The invention relates generally to an improved data processing system, and in particular, to a computer implemented method for improving the security of data. Still more particularly, the invention relates to a computer implemented method, system, and computer usable program code for context aware data content protection.
2. Description of the Related Art
Security of data is a well recognized need in implementing and operating data processing environments. The type of security afforded data in a data processing environment is informed by a variety of factors. For example, certain data may be accessible only by a restricted group of users and applications. As another example, certain data may be read-only and may not be modifiable. As another example, certain data may not be duplicated or moved from a designated location.
Risks associated with data tampering or data loss, corporate compliance requirements, policies and rules, asset protection, and other similar considerations are used for designing a security measure around data in a particular data processing environment. For example, a data processing environment may restrict access to certain credit card information to prevent malicious use of that information by unauthorized persons. As another example, a data processing environment may restrict access to certain product design documents embodying intellectual property of an organization to avoid undesirable distribution of those documents.
Typically, data is stored in data repositories, served by some applications, and consumed by other applications. In some cases, the repository, the server application, and the consumer application may exist in combined forms in different combinations.
In prior art, security of data is a responsibility that falls on the repository or the applications that are handling the data. The rules and policies for data security are created, administered, and enforced through these components of the data processing environment.
In certain data processing environment configurations, the creation and administration of data security policies may be a centralized function. For example, a policy management application may allow an administrator to implement a corporate policy into a rule in the policy management application. The policy management application then provides the rule to the repository or one or more applications for enforcement.